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Description 

BACKGROUND OF THE INVENTION 

1 . Field of the Invention 

[0001 ] The present invention relates to a storage me- 
dium used to store digital contents, such as programs 
and digitized text, audio and video, and to a method for 
updating revocation information that is used to prevent 
unauthorized electronic appliances from recording and 
reproducing digital contents. 

2. Description of the Related Art 

[0002] The advancements in digital and microproces- 
sor technologies in recent years have enabled the de- 
velopment of a great variety of electronic appliances. 
Examples of such are personal computers with multime- 
dia capabilities, set-top boxes, reproduction devices 
and game consoles. In addition to reproducing image 
data, audio data and other types of digital contents from 
recording media, such appliances can also download 
digital contents from networks like the Internet. 
[0003] Digital contents are generally copyrighted ma- 
terial that has been digitally encoded according to a 
technique such as MPEG 2 (Moving Pictures Experts 
Group 2) or MP3 (Moving Pictures Experts Group - Au- 
dio Layer 3). Such contents can be copied and transmit- 
ted on networks with no loss in quality. This means there 
is a growing need for technologies to stop improper acts 
that violate the copyrights over such material. 
[0004] Current electronic appliances such as person- 
al computers, set-top boxes, and reproduction devices 
tend to use "reversible" recording media, which here re- 
fers to recording media that are not player-dependent. 
Such media operate according to specifications that are 
usually made public. This makes it possible for users to 
transfer or copy digital contents onto other media at will, 
so that there is no effective way of protecting a digital 
content recorded on a recording medium. 
[0005] Memory cards, where a recording medium and 
a controller are integrated, have recently appeared on 
the market. Such cards can be provided with a protected 
region (hereinafter called a "concealed region") that can 
be accessed by an access control function of the con- 
troller according to a special procedure, but otherwise 
cannot be accessed by users. It is believed that digital 
contents can be protected more securely by using a con- 
cealed region to store important information (such as 
copy control information and transfer control informa- 
tion) that relates to the way in which digital contents can 
be used. 

[0006] The following describes one conceivable way 
to protect the copyright of a digital content. Whenever a 
digital content is transferred between any of the elec- 
tronic devices mentioned above and a recording medi- 
um, both devices first perform mutual authentication. 



This means that each device checks that the other is an 
authentic device equipped with the same copyright 
(content) protection mechanism (i.e., a predetermined 
content protection function). When both devices are au- 

5 thentic, they then exchange keys according to a key 
generation algorithm provided in both devices. Both de- 
vices thus obtain an authentication key, and use this key 
to respectively encrypt and decrypt either a content key 
(a different key used to encrypt the digital content), or 

10 the digital content itself. 

[0007] The above technique has the following prob- 
lem. The content protection mechanism (such as the in- 
formation and/or program used for mutual authentica- 
tion) has to be set in the electronic appliance before it 

is is shipped from the factory. After purchase, the electron- 
ic appliance (or more specifically the programs that run 
on an electronic appliance) may be subjected to tam- 
pering which renders the content protection mechanism 
inoperative. Such a modified electronic appliance can- 
20 not be detected and stopped by mutual authentication 
alone, so that improper use of the contents becomes 
possible. 

[0008] Digital contents could conceivably be afforded 
better protection by pre- recording revocation informa- 
25 tion in a special region on a recording medium. Revo- 
cation information shows invalid electronic appliances 
that should be prohibited from accessing contents 
stored on a recording medium. Such revocation infor- 
mation can be in the form of a list of identification infor- 
30 mation for such invalid electronic appliances. When the 
recording medium is loaded into an electronic appliance 
registered in the revocation information, the electronic 
appliance is prohibited from accessing the recording 
medium. In other words, the contents on the recording 
35 medium are protected by invalidating the electronic ap- 
pliance's right to access the recording medium. Such a 
method is known e.g. from document EP-A-0 930 556. 
[0009] This method has a drawback in that it is still 
necessary to set such revocation information in a non- 
40 rewritable region before the recording medium is 
shipped from the factory. This means that if tampering 
with electronic appliances (or programs of such appli- 
ances) results in the appearance of new types of invalid 
electronic appliances after a recording medium has 
45 been produced, such appliances cannot be added to the 
revocation information on the medium. Illegal access by 
such appliances cannot be prevented. 
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SUMMARY OF THE INVENTION 



[0010] The present invention was conceived in view 
of the above problem, and has an object of providing a 
storage medium that can refer to revocation information 
and prohibit access to a content by an unauthorized 
55 electronic appliance, even when the unauthorized elec- 
tronic appliance appears after the storage medium has 
been manufactured. The invention also aims to provide 
a suitable revocation information updating apparatus 
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and method for such medium. 
[001 1 ] The stated object can be achieved by a storage 
medium that is used having been loaded into an elec- 
tronic appliance, the storage medium including: a con- 
tent storage area for storing a digital content; a revoca- 5 
tion information storage area for storing, as revocation 
information, information that corresponds to identifica- 
tion information of an electronic appliance that is prohib- 
ited from accessing the digital content stored in the con- 
tent storage area; and a master revocation information 
storage area storing, as master revocation information, 
information that corresponds to identification informa- 
tion of an electronic appliance that is prohibited from up- 
dating the revocation information stored in the revoca- 
tion information storage area. 

[0012] With the stated construction, information cor- 
responding to the identification information of unauthor- 
ized electronic appliances that should not be allowed to 
update the revocation information can be registered in 
advance in the master revocation information storage 
area of the storage medium. By referring to this infor- 
mation, the storage medium can know whether an elec- 
tronic appliance that is trying to access the revocation 
information is an authorized appliance or an unauthor- 
ized appliance. 

[0013] The revocation information is stored in a se- 
cure rewritable storage region, so that even when an 
unauthorized electronic appliance appears after the 
storage medium is manufactured, information corre- 
sponding to the identification information of the electron- 
ic appliance can be additionally registered in the revo- 
cation information storage region. In this way, the unau- 
thorized electronic appliance can be prevented from ac- 
cessing digital productions stored on the storage medi- 
um. 

[001 4] Here, the storage medium may further include: 
a content protecting unit for performing a first judgment 
as to whether an electronic appliance into which the 
storage medium has been loaded has identification in- 
formation that corresponds to the revocation information 
stored in the revocation information storage region, and 
allowing the electronic appliance to access the digital 
content stored in the content storage region only if the 
first judgment is negative; and a revocation information 
updating unit for performing a second judgment as to 
whether the electronic appliance into which the storage 
medium has been loaded has identification information 
that corresponds to the master revocation information 
stored in the master revocation information storage re- 
gion, and allowing the electronic appliance to update the 
revocation information stored in the revocation informa- 
tion storage region only if the second judgment is neg- 
ative. 

[0015] With the stated construction, only electronic 
appliances with identification information that does not 
correspond to the content of the master revocation in- 
formation storage region are allowed to update the rev- 
ocation information stored on the storage medium. This 
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means that unauthorized electronic appliances can be 
prevented from tampering with the revocation informa- 
tion. 

[0016] Here, the master revocation information stor- 
age region may be provided in a ROM (read only mem- 
ory) in which the master revocation information is stored 
in advance. 

[0017] This protects the storage medium from attacks 
that try to tamper with the master revocation information 
after the storage medium has been manufactured. 
[001 8] Here, the storage medium may further include: 
a mutual authentication unit for performing mutual au- 
thentication with the electronic appliance into which the 
storage medium has been loaded before the revocation 
information updating means performs the second judg- 
ment and, if the mutual authentication succeeds, for 
generating a secret key that can be shared with the elec- 
tronic appliance, wherein the revocation information up- 
dating unit updates the revocation information using the 
secret key generated by the mutual authentication unit . 
[0019] With the stated construction, the crucial iden- 
tification information relating to which devices have au- 
thorization to update the revocation information is trans- 
ferred between the storage medium and an electronic 
appliance in a secure manner. This increases the secu- 
rity with which the revocation information is protected. 
[0020] Here, the revocation information updating unit 
may transmit a secret key, which the electronic appli- 
ance needs to update the revocation information, to the 
electronic appliance only if the second judgment is neg- 
ative. 

[0021] As a result, the result of the judgment as to 
whether an electronic appliance has authority to update 
the revocation information is kept secret. This thwarts 
third parties that try to intercept the communication be- 
tween the storage medium and an electronic appliance. 
[0022] Here, the revocation information may be sort- 
ed into a plurality of groups, the revocation information 
storage region may include a plurality of storage areas, 
and each group may be stored in a different storage ar- 
ea, and 

as the second judgment, the revocation informa- 
tion updating means may judge (1) whether the elec- 
tronic appliance into which the storage medium has 
been loaded has identification information that does not 
correspond to the master revocation information stored 
in the master revocation information storage region, and 
(2) whether the electronic appliance has identification 
information that does not correspond to the revocation 
information in a specified group of revocation informa- 
tion that the electronic appliance wishes to update, the 
second judgment being negative only when both (1 ) and 
(2) are affirmative, and the revocation information up- 
dating means allowing the electronic appliance to up- 
date only the revocation information in the specified 
group. 

[0023] As a result, even when an unauthorized third 
party manages to tamper with the revocation informa- 
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tion, the damage will be limited to one group of revoca- 
tion information. Other groups of revocation information 
are unaffected. 

[0024] The stated object can also be achieved by a 
method for updating revocation information on a storage 
medium, the method including: a detection step for de- 
tecting whether the storage medium has been loaded 
into an electronic appliance; a judgment step for per- 
forming a first judgment as to whether first identification 
information of the electronic appliance does not corre- 
spond to the master revocation information stored in the 
master revocation information storage area of the stor- 
age medium; and an updating step for updating the rev- 
ocation information stored in the revocation information 
storage area only when the first judgment is affirmative. 
[0025] The stated object can also be achieved by a 
revocation information updating apparatus for updating 
revocation information on a storage medium, the appa- 
ratus including: a first identification information storage 
unit for storing first identification information that does 
not correspond to the master revocation information 
stored in the master revocation information storage area 
of the storage medium; a permission obtaining unit for 
obtaining, using information corresponding to the first 
identification information stored in the first identification 
information storage means, permission from the storage 
medium to update the revocation information stored on 
the storage medium; and an updating unit for updating 
the revocation information stored on the storage medi- 
um in accordance with the permission obtained by the 
permission obtaining unit. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0026] These and other objects, advantages and fea- 
tures of the invention will become apparent from the fol- 
lowing description taken in conjunction with the accom- 
panying drawings which illustrate a specific embodi- 
ment of the invention. In the drawings: 

FIG. 1 shows the overall construction of a copyright 
protection system that is an embodiment of the 
present invention; 

FIG. 2 is a block diagram showing the construction 

of a content distribute system (CDS); 

FIG. 3 is a block diagram showing the construction 

of a PM (recording medium); 

FIG. 4 shows the composition and recorded content 

of an open ROM region of a PM; 

FIG. 5 shows the logical storage regions of the 

CDS; 

FIG. 6 is a block diagram showing the construction 
of a recording/playback apparatus (portable device 
(PD); 

FIG. 7 shows the logical storage regions of the PD; 
FIG. 8 is a block diagram showing the construction 
of a content usage management system (License 
Compliant Module (LCM)); 
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FIG. 9 shows the logical storage regions of the 
LCM; 

FIG . 1 0 shows the former part of the communication 
between the CDS and the PM and the processing 
5 flow; 

FIG. 11 shows the latter part of the communication 
between the CDS and the PM and the processing 
flow; and 

FIG. 12 shows the communication between the PM 
to and the PD and the processing flow. 

DESCRIPTION OF THE PREFERRED EMBODIMENT 

[0027] The following describes an embodiment of the 
15 present invention with reference to the attached figures. 
[0028] FIG. 1 shows the construction of a copyright 
protection system 1 00 according to the present embod- 
iment. 

[0029] This copyright protection system 1 00 protects 

20 the copyrights over digital material that is distributed 
electronically or through the use of recording media. As 
shown in FIG. 1 , the copyright protection system 1 00 is 
composed of a content distribute system (CDS) 1 in the 
form of a vending machine that electronically distributes 

25 music contents via a communication network such as 
the Internet, a recording medium (hereinafter portable 
media (PM) ) 13 for storing music contents, a recording/ 
playback apparatus (hereinafter, portable device (PD)) 
12 that is portable and can record music contents onto 

30 the PM 13 and playback music contents from PM 13, 
and a content usage control system (hereinafter, license 
compliant module (LCM) 21) that manages the record- 
ing, playback and transfer of music contents. 
[0030] The CDS 1, the PM 13, and the PD 12 are 

35 equipped with a function or construction that updates 
the revocation information described above to prevent 
unauthorized electronic appliances from making im- 
proper accesses to digital productions, even if the exist- 
ence of such unauthorized appliances is discovered af- 

40 ter the manufacture of the CDS 1 , the PM 13, the PD 
12, and the LCM 21. 

[0031] FIG. 2 is a block diagram showing the con- 
struction of the CDS 1 . The frame numbered 40 repre- 
sents an electronic music distributor (EMD), such as a 

45 music server or broadcast station. The frame numbered 
41 represents a revocation information licensing entity 
(RLE). When an unauthorized electronic appliance is 
newly discovered, this RLE 41 issues new revocation 
information including identification information for that 

50 electronic appliance. 

[0032] The CDS 1 can be realized by a specialized 
terminal (such as a kiosk terminal) and can be located 
in a record shop as one example. This CDS 1 is con- 
nected to the EMDs 40 and RLE 41 via transfer paths, 

55 and is composed of a secure music server (SMS) 2, an 
EMD_I/F (interface) unit 3, a PDJ/F unit 5, a media_l/ 
F unit 6, a concealed region driver 7, a registry storing 
unit 8, a license storing unit 9, a music data storing unit 
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10, a revocation information receiving unit 14, a user U 
F unit 1 5, and a revocation information storing unit 1 6. 
[0033] The functions of the CDS 1 are described be- 
low. 

(1) Content Recording (Purchasing) Function 

[0034] The CDS 1 records a content indicated by the 
user onto a PM 13 loaded into the CDS 1. This corre- 
sponds to when the user purchases the content. 

(2) Revocation Information Updating Function 

[0035] The CDS 1 updates the revocation information 
on a PM 13 loaded into the CDS 1 . This revocation in- 
formation shows which electronic appliances should be 
invalidated. 

[0036] The EMDJ/F unit 3 is a communication adapt- 
er or the like for connecting the CDS 1 to a plurality of 
EMD 40. The PDJ/F unit 5 is a USB (Universal Serial 
Bus) or the like that connects a PD 1 2 to the CDS 1 . The 
media_l/F unit 6 is a PCMCIA (Personal Computer 
Memory Card International Association) card slot or the 
like for loading a PM 13 into the CDS 1 . The revocation 
information receiving unit 14 is a communications 
adapter, or the like, which receives revocation informa- 
tion that is to be newly registered. The user l/F unit 15 
includes an LCD (liquid crystal display) and switches, 
button keys, or the like. 

[0037] The music data storing unit 1 0 is a flash mem- 
ory for storing encrypted music contents. The registry 
storing unit 8 is a memory storing attribute information 
and the like for the music contents stored in the music 
data storing unit 10. 

[0038] The license storing unit 9 is a memory for stor- 
ing a key, or other such information, that is used when 
decrypting an encrypted music content stored in the mu- 
sic data storing unit 1 0. The revocation information stor- 
ing unit 16 is a memory for temporarily storing revoca- 
tion information, such as revocation information re- 
ceived from the RLE 41 . 

[0039] The concealed region driver 7 is a control cir- 
cuit, or the like, for accessing the protected storage re- 
gions (described later) of the registry storing unit 8 and 
the like using a confidential procedure that is not made 
public. The SMS 2 is a CPU (Central Processing Unit) 
or the like for executing processing that controls the oth- 
er components to achieve the two functions mentioned 
above. 

[0040] The following describes the functions of the 
components of the CDS 1 and the control performed by 
the SMS 2 separately for the two functions (1) and (2) 
given above. 

(1) Content Recording (Purchasing) Function 

[0041] In the CDS 1, contents are protected against 
unauthorized use by having the contents encrypted and 



decrypted using identification information (a media ID) 
of each recording medium (PM 13) onto which the con- 
tents are recorded. 

[0042] The CDS 1 includes three reception units num- 
s bered #1 to #3 that each correspond to one of the three 
EMDs 40 also numbered #1 to #3. Encrypted contents 
(in the present example, music contents) and license in- 
formation (usage conditions, encrypted content decryp- 
tion keys etc.) distributed by the three EMDs 40 are re- 
10 ceived via the corresponding reception units #1 to #3. 
The encrypted contents distributed by the each EMD 40 
can be produced using different encryption methods 
and different audio encoding methods. Each of the re- 
ceiving units #1 to #3 may also be equipped with func- 
15 tions for playing back received audio and for billing the 
user. This billing function enables the user to purchase 
contents as desired. 

[0043] The SMS 2 receives, via the EMDJ/F unit 3, 
encrypted contents that have been purchased by the us- 

20 er. When necessary, the EMD_I/F unit 3 decrypts en- 
crypted contents that have been subjected to the audio 
encoding and encryption methods used by the different 
EMDs 40 and converts (re-encrypts) the contents using 
an audio coding format and encryption format used by 

25 the CDS 1 . 

[0044] On receiving an encrypted content, the SMS 2 
stores the encrypted content in the music data storing 
unit 10 and stores the key (the encrypted content de- 
cryption key) for decrypting the encrypted content in the 

30 license storing unit 9. The SMS 2 may be provided with 
a playback function to allow users to listen to a music 
content that has been distributed. When this is the case, 
the music contents managed by the SMS 2 may be re- 
produced on the CDS 1 . 

35 [0045] The SMS 2 is equipped with a function for out- 
putting an encrypted content (music content) stored in 
the music data storing unit 10 via the mediaJ/F unit 6 
to a PM 13, such as a memory card, that is loaded into 
the mediaJ/F unit 6. 

40 [0046] By setting a PM 13 in the PD 12, the user can 
have the encrypted contents (music contents) recorded 
on the PM 13 decrypted and played back by the PD 12. 
The SMS 2 can record contents on the PM 13 either 
directly via the mediaJ/F unit 6 or indirectly via the PD 

45 12. 

[0047] The user can also set the PM 13 in the LCM 
21 . The LCM 21 decrypts and plays back the encrypted 
(music) contents recorded on the PM 13. Alternatively, 
the user can have the encrypted (music) contents on the 
so PM 13 transferred onto the LCM 21 for storage in the 
LCM 21 thereafter. 

(2) Revocation Information Updating Function 

55 [0048] The revocation information is used to identify 
electronic appliances (PDs, LCMs, etc.) that should be 
invalidated from using a PM 13 in order to protect the 
contents on the PM 13. Here, "using a PM 13" means 
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recording contents on a PM 13 or reading and/or playing 
back contents recorded on a PM 13. This revocation in- 
formation is prerecorded on a PM 13 during manufac- 
ture. 

[0049] The revocation information updating function 
is performed by an electronic appliance that has special 
permission (CDS 1 in the present example) . When nec- 
essary, this function uses new revocation information to 
update the revocation information that was recorded on 
a PM 13 during manufacture. The revocation informa- 
tion needs to be updated when unauthorized appliances 
that should be invalidated are newly discovered. 
[0050] The CDS 1 is equipped with a revocation infor- 
mation receiving unit 14 that receives new revocation 
information from the RLE 41 . The new revocation infor- 
mation transferred from the RLE 41 to the CDS 1 is en- 
crypted to prevent tampering on the transfer path be- 
tween the two devices. As one example, this encryption 
may use an encryption key that is shared by the RLE 41 
and the CDS 1 beforehand. 

[0051] The SMS 2 receives the encrypted new revo- 
cation information that has been issued by the RLE 41 
via the revocation information receiving unit 14. The 
SMS 2 decrypts the encrypted new revocation informa- 
tion and stores the resulting new revocation information 
in the revocation information storing unit 1 6. When a PM 
13, such as a memory card, is loaded into the mediaj/ 
F unit 6 (i.e., when the mediaJ/F unit 6 detects that a 
PM 13 has been inserted), a function provided in the 
SMS 2 has the new revocation information in the revo- 
cation information storing unit 16 outputted to the PM 
13 via the mediaJ/F unit 6. The SMS 2 can record new 
revocation information on a PM 13 directly via the 
mediaJ/F unit 6 or indirectly via a PD 1 2. 
[0052] The following describes the various types of 
revocation information. Note that the recording media 
(here, PM 13) is not limited to the storage of digitized 
music, and may alternatively be used for recording an 
application system, like a so-called "electronic book". In 
this case, revocation information is issued for each ap- 
plication system. As a result, electronic appliances can 
be revoked separately for each of the application sys- 
tems and so that only electronic appliances with special 
permission for a given application system can be al- 
lowed to update the revocation information correspond- 
ing to that application system. In the present example, 
the CDS 1 is permitted to update only the revocation 
information for electronic appliances (e.g., PD, LCM) 
that handle digitized music. 

[0053] With this arrangement, even if a user tampers 
with the revocation information updating function of the 
CDS 1 , this will not affect other application systems as 
the user will still be prevented from updating the revo- 
cation information of other application systems. 
[0054] It is also possible to revoke an electronic ap- 
pliance, such as the CDS 1 , that has the special permis- 
sion to update the revocation information using special 
revocation information (hereafter called "master revoca- 



tion information") that is registered on a PM 13. In other 
words, master revocation information showing the spe- 
cial electronic appliances that have special permission 
to update the revocation information can also be intro- 
s duced into the copyright protection system 100 as a 
blacklist of unauthorized electronic appliances that 
would otherwise be capable of changing the revocation 
information. 

[0055] As one example, suppose that the revocation 
10 information updating function of a particular CDS 1 is 
modified so as to allow unauthorized use. Information 
that identifies this type of CDS 1 can be added to the 
master revocation information so as to prevent the mod- 
ified CDS 1 accessing the revocation information. This 
15 makes ft possible to prevent unauthorized tampering 
with the revocation information. 
[0056] Note that in the present embodiment, the mas- 
ter revocation information is assumed to be updated us- 
ing a different method to the updating method disclosed 
20 by the present invention. The master revocation infor- 
mation is instead updated by issuing a recording medi- 
um on which the new master revocation information is 
recorded and then using this medium to replace an old 
recording medium on which the old master revocation 
25 information was recorded. 

[0057] FIG. 2 is a block diagram showing the con- 
struction of the PD 1 2. This device is capable of record- 
ing and playback. 

[0058] FIG. 3 is a functional block diagram showing 
30 the construction of the PM 13. As shown in the diagram, 
the PM 1 3 includes a controller 1 30 and a recording me- 
dium part that is made up of an open region 131 and a 
concealed region 134. 

[0059] The concealed region 134 is a logical storage 
35 region that can only be accessed via the controller 130 
using a secret procedure. This concealed region 134 is 
used to store information that is required when decrypt- 
ing a content. As shown in FIG. 3, the concealed region 
1 34 is made up of a concealed ROM region 1 35 in which 
40 a secret constant (such as the unique mastermedia key 
KM-M that is described later) is stored and a concealed 
rewritable (RW) region 1 36 that stores secret variables 
(such as a license decrypting key (described later) sup- 
plied by the licenser, a content decrypting key that has 
45 been encrypted, and a unique media key KM-1). This 
content decrypting key that has been encrypted (here- 
after called the "encrypted content key") is produced by 
encrypting the content key KC used for decrypting the 
content C using the unique media key KM-1 that is 
50 unique to the PM 13. 

[0060] The unique master media key KM-M and the 
unique media key KM-1 need to be set at different val- 
uesforeach PM 13, with it being possible to use different 
kinds of identification information for each PM 13, such 
55 as a serial number or a product number (the product 
number of each PM 13 or the production lot number). 
However, the KM-M and KM-1 may instead be produced 
from unique identification information of the PM 13 and 
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the license decryption key. As examples, the concealed 
ROM region 135 can be physically provided in ROM (i. 
e., read only non-volatile memory), while the concealed 
RW region 136 can be provided in a flash memory (i.e., 
a rewritable non-volatile memory). 5 
[0061] The open region 1 31 is separate from the con- 
cealed region and can be accessed by conventional pro- 
cedures. This open region 131 is composed of a read- 
only open region 132 (hereafter called the "open ROM 
region") and a rewritable open region 133 (hereafter 10 
called the "open RW region"). As shown in FIG. 4, it is 
assumed that the open ROM region 132 also includes 
a region (hereafter called the "open ROM-W region 
132a") that can be only be rewritten according to a se- 
cret procedure. 15 
[0062] FIG. 4 shows the composition of the open 
ROM region 132 of the PM 13 and its stored content. As 
one example, the open ROM region 132 can physically 
provided within a ROM, for example, while the open RW 
region 133 and the open ROM-W region 132a can be 20 
physically provided within a flash memory. The open 
ROM region 1 32, the open RW region 1 33, and the open 
ROM-W region 132a may be respectively provided in 
the same ROM as the concealed ROM region 135 and 
the same flash memory as the concealed RW region 25 
136. 

[0063] The master revocation information (RL-M) is 
registered in advance in the open ROM region 132 
(hereafter used to mean parts of the open ROM region 
1 32 that are not the open ROM-W region 132a) before 30 
the PM 1 3 is shipped from the factory. One or more sets 
of revocation information (RL-1 , RL-2...) are also regis- 
tered in advance in the open ROM-W region 132a be- 
fore shipping. Such sets of revocation information can 
be replaced (updated) by executing the revocation in- 35 
formation updating function of the CDS 1 (or the like), 
which results in new revocation information being writ- 
ten into the open ROM-W region 132a via the controller 
1 30 of the PM 13 according to a secret procedure. Note 
that one or more sets of revocation information that do *o 
not need to be updated according to the method of the 
present invention may also be registered in advance in 
the open ROM region 132. 

[0064] In the present embodiment, the master revo- 
cation information and the one or more sets of revoca- 45 
tion information are lists of identification information 
(64-bit device IDs) of electronic appliances that should 
be revoked. As a result, the following explanation will 
refer to each set of revocation information as a "revoca- 
tion list RL M . The master revocation information will be so 
referred to as "RL-M", and each set of revocation infor- 
mation as "RL-1", "RL-2" etc. In this example, the revo- 
cation list RL-1 is used to revoke electronic appliances 
(such as a PD or an LCM) that record or play back dig- 
itized music. 55 
[0065] Contents that have been encrypted (hereafter 
simply "encrypted contents") and other data are stored 
as required in the open RW region 133. These contents 
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are encrypted using the content key KC. 
[0066] FIG. 5 shows the logical storage regions of the 
CDS 1. The CDS 1 has an open region 111, which is 
made up of the open ROM region 1 1 2 and the open RW 
region 113, and a concealed region 114 that can only be 
accessed according to a secret procedure. The music 
data storing unit 10 shown in FIG. 2 is provided in the 
open RW region 113. The open ROM region 112 in- 
cludes an open ROM-W region (not illustrated) in which 
the revocation information storing unit 16 shown in FIG. 
2 is provided. In this embodiment, the SMS 2 shown in 
FIG. 2 decrypts the encrypted new revocation informa- 
tion that is received from the RLE 41 and stores the de- 
crypted new revocation information into this open 
ROM-W region using a secret procedure. 
[0067] The identification information (device ID) 
ID_CDS is stored in advance in the concealed region 
114. A content key KC for each content is also stored 
as necessary in the concealed region 114. The con- 
cealed region 114 also provides the registry storing unit 
8 shown in FIG. 2. All of the music contents that are 
stored in the music data storing unit 1 0 (in the open RW 
region 1 1 3) and are managed by the SMS 2 have a con- 
tent ID (TID) and other such identification information as 
their attributes. This attribute information is called the 
"registry" and is stored in the registry storing unit 8 (pro- 
vided in the concealed region 114). 
[0068] The CDS 1 has a concealed region driver 7 that 
performs a special secret procedure to enable the SMS 
2 to access the registry storing unit 8 in the concealed 
region 114 and then read data from the registry storing 
unit 8. Note that the registry has no direct bearing on the 
present invention, and so its use will not be described 
in detail. 

[0069] The PD 1 2 includes an open region 121, made 
up of the open ROM region 1 22 and the open RW region 
123, and a concealed region 124 that can only be ac- 
cessed by a secret procedure. The identification infor- 
mation ID_PD of the PD 12 is permanently registered in 
the concealed region 124. A content key KC for each 
content is also stored in the concealed region 124. 
[0070] FIG. 6 is a block diagram showing the con- 
struction of the PD 1 2. FIG. 7 shows the logical storage 
regions provided in the PD 12. 

[0071] The PD 12 is a semiconductor audio playback 
device orthe like. As shown in FIG. 6, the hardware con- 
struction of the PD 12 includes a CPU 12a, a RAM 12b, 
a ROM 12c, a flash memory 12d, an external appliance 
l/F unit 12e, a mediaJ/F unit 12f, a demodulating unit 
12g for decrypting encrypted music contents and the 
like, and a decoder unit 12h and D/A converter unit 12i 
for decoding and processing compressed audio con- 
tents. As shown in FIG. 7, the PD 12 is provided with an 
open region 121 and a concealed region 124. 
[0072] The PM 1 3 is used having been into the media 
l/F unit 12f of the PD 12, as shown in FIG. 6. When the 
CDS 1 reads or writes data via the PD 12, the PD l/F 
unit 5 provided in the CDS 1 accesses the concealed 
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region 134 (see FIG. 3) of the PM 13 via the external 
appliance l/F unit 12e and the media l/F unit 12f of the 
PD 12. 

[0073] The media l/F unit 12f has a concealed region 
access unit (not illustrated) for accessing the concealed 
region 134 of the PM 13. The open RW region 123 and 
the concealed region 124 of the PD 12 are provided, for 
example, in a flash memory. A program that enables mu- 
tual authentication to be performed with the PM 13 is 
written in this ROM 12c. The PD 12 operates in accord- 
ance with this program under the control of the CPU 1 2a 
to perform mutual authentication with the PM 13. 
[0074] FIG. 8 is a block diagram showing the con- 
struction of the LCM 21 . The LCM 21 is realized by a 
personal computer and, with the exception of the func- 
tion for updating the revocation information, has funda- 
mentally the same construction as the CDS 1 . In other 
words, the LCM 21 includes an SMS 22, an EMDJ/F 
unit 23, a PDJ/F unit 25, a mediaJ/F unit 26, a con- 
cealed region driver 27, a registry storing unit 28, a li- 
cense storing unit 29, a music data storing unit 30, a 
CDJ/F unit 31 , and a user l/F unit 35.Like the CDS 1 , 
the LCM 21 has the following functions. The LCM 21 
can receive an encrypted content from an EMD 40 and 
store the content within the LCM 21. The LCM 21 can 
record an encrypted content stored within the LCM 21 
onto a PM 1 3 or read a music content from a PM 1 3 and 
thereafter store the content within the LCM 21 . 
[0075] FIG. 9 shows the logical storage regions pro- 
vided in the LCM 21 . Like the PM 13, the CDS 1 , and 
the PD 12, the LCM 21 is provided with an open region 
211, which is composed of an open ROM region 212 
and an open RW region 213, and a concealed region 
214 that can only be accessed using a special proce- 
dure. Identification information ID_LCM for the LCM 21 
is stored beforehand in the concealed region 214 and 
cannot be changed. The concealed region 214 also 
stores a content KC for each content as required. 
[0076] The PM 1 3 is used having been loaded into the 
media l/F unit 26 of the LCM 21 . When reading data from 
or writing data onto a PM 13, the concealed region 134 
of the PM 13 is accessed by the LCM 21 viathemediaj/ 
F unit 26 of the LCM 21 . The mediaJ/F unit 26 includes 
a concealed region access unit (not illustrated) for ac- 
cessing the concealed region 134 of the PM 13. The 
open RW region 213 and concealed region 214 of the 
LCM 21 can be provided on a flash memory, for exam- 
ple. 

[0077] The open ROM region 212 is provided within 
a ROM. A program that enables mutual authentication 
to be performed with the PM 13 is written in this ROM. 
The LCM 21 operates in accordance with this program 
under the control of a CPU (not illustrated) to perform 
mutual authentication with the PM 13. 
[0078] The following describes the operation of the 
copyright protection system 100 of the present embod- 
iment. In the described example, the user inserts the PM 
13 into the CDS 1 and selects a process that records a 
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music content distributed by an EMD 40 onto the PM 
1 3. This corresponds to the user purchasing the music 
content. In this example also, new revocation informa- 
tion that has been issued by an RLE (here, RLE 41 ) and 
5 stored in advance in the CDS 1 is recorded onto the PM 
1 3 along with the music content. 
[0079] FIGS. 1 0 and 1 1 respectively show the former 
part and latter part of the communication between the 
CDS 1 and the PM 13 and the processing flow for the 
described operation. 

[0080] When the user has given, via the user l/F unit 
15 of the CDS 1 for example, an indication to purchase 
a music content and a PM 13 has been loaded into the 
media l/F unit 6, the media l/F unit 6 of the CDS 1 can 
perform mutual authentication (also known as Authen- 
tication and Key Exchange - Master (AKE-M)) with the 
controller 130 of the PM 13 (Step S101). This AKE-M 
procedure is performed by the CDS 1 and the PM 13 as 
follows. 

[0081] First, the CDS 1 authenticates the PM 13. A 
CDS 1 that is allowed to update the revocation informa- 
tion is provided with an authentication key K1-M, as is 
the PM 13 (while not illustrated, these keys are stored 
in the concealed ROM regions). The CDS 1 generates 
a random number R1 and sends it to the PM 13. On 
receiving the random number R1 generated by the CDS 
1 , the PM 13 encrypts the random number R1 using the 
authentication key K1-M and sends the resulting en- 
crypted random number R1 (K1-M[R1]) to the CDS 1. 
The CDS 1 uses the authentication key K1 -M to decrypt 
this K1-M[R1] and, if the result is equal to the random 
number R1 , judges that the PM 13 is a proper device. 
[0082] After this, the PM 1 3 performs the same proc- 
ess for the CDS 1 to complete the mutual authentication. 
To do so, both the CDS 1 and the PM 13 have an au- 
thentication key K2-M, with the CDS 1 encrypting the 
random number R2 received from the PM 13 using this 
authentication key K2-M and the PM 1 3 decrypting this 
and confirming that the result is equal to the random 
number R2. 

[0083] In the present example, the authentication 
keys K1 -M and K2-M are only supplied to a special elec- 
tronic appliance (here, the CDS 1 ) that is allowed to up- 
date the revocation information, so that ordinary elec- 
tronic appliances (such as the LCM 21 ) can be prevent- 
ed from executing the authentication process AKE-M. 
[0084] When the CDS 1 and the PM 13 have found 
each otherto be proper devices in the above mutual au- 
thentication AKE-M of step S1 01 , the media l/F unit 6 of 
the CDS 1 and the controller 130 of the PM 13 perform 
key exchange to share the same session key (KY1). As 
one example, this session key KY1 can be a value found 
by taking a logical XOR for the random numbers R1 and 
R2 generated during the mutual authentication and then 
inputting the result into a secret key generation algo- 
rithm provided in advance in both the CDS 1 and the PM 
13. In this way, the session key KY1 is a time-variant 
key whose value changes every session. 
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[0085] The media l/F unit 6 of the CDS 1 reads the 
master identification information ID-MfortheCDS 1 that 
is concealed (stored) within the concealed region 114, 
encrypts this information ID-M using the session key KY- 
1 and sends the resulting encrypted ID-M (=KY1[ID-M]) 
to the PM 13 (step S102). 

[0086] The controller 130 of the PM 13 decrypts this 
KY1[ID-M] received from the CDS 1 using the session 
key (KY1) that it received during the preceding key ex- 
change and so obtains the ID-M (step S103). 
[0087] Next, the controller 1 30 of the PM 1 3 uses the 
master identification information ID-M of the CDS 1 that 
it has decrypted to refer to the master revocation list 
RL-M in the open ROM region 132. The controller 130 
judges whether the CDS 1 should be prohibited from us- 
ing the PM 13 by checking whether identification infor- 
mation that matches the ID-M is present in the master 
revocation list RL-M, (step S104). 
[0088] If identification information that matches the 
ID-M is present in the master revocation list RL-M, the 
controller 1 30 invalidates (revokes) use of the PM 1 3 by 
the CDS 1 and terminates its processing at this juncture. 
[0089] On the other hand, if identification information 
that matches the ID-M is not present in the master rev- 
ocation list RL-M , the controller 1 30 judges that the CDS 
1 is allowed to use the PM 13 (i.e., to update the revo- 
cation information), and so reads and outputs the unique 
master media key KM-M that is stored in a secret fashion 
in the concealed ROM region 1 35 (step S1 05). The con- 
troller 130 then performs key exchange with the media 
l/F unit 6 of the CDS 1 to share the same session key 
KY-2, before encrypting the read unique master media 
key KM-M using this session key KY-2 and sending the 
resulting encrypted KM-M (=KY2[KM-M]) to the CDS 1 
(step S106). 

[0090] This session key KY2 can be found, for exam- 
ple, as the result given when the session key KY1 de- 
scribed earlier is inputted into a secret key generation 
algorithm provided in advance in the CDS 1 and the PM 
13. 

[0091] The media l/F unit 6 of the CDS 1 decrypts the 
KY2[KM-M] received from the PM 13 using the session 
key KY2 obtained during the preceding key exchange 
and so obtains the unique master media key KM-M (step 

5107) . 

[0092] Next, the media l/F unit 6 of the CDS 1 encrypts 
the new revocation information RL-1 stored in the open 
ROM-W region and the new unique media key KM-1N 
generated by the media l/F unit 6 using the unique mas- 
ter media key KM-M and sends the resulting encrypted 
KM-M[RL-1] and KM-M[KM-1N] to the PM 13 (step 

5108) . 

[0093] The unique media key KM-1 N referred to here 
can be given, for example, as the output value produced 
when the session key KY2 described earlier is inputted 
into a key generation algorithm that is secretly stored in 
the CDS 1 . 

[0094] The controller 130 of the PM 13 decrypts the 



KM-M[RL-1] and the KM-M[KM-1N] received from the 
CDS 1 using the KM-M stored in the concealed ROM 
region 1 35 and so obtains RL-1 and KM-1 N (step S 109). 
[0095] Next, the media l/F unit 6 of the CDS 1 and the 

5 controller 1 30 of the PM 1 3 perform a similar mutual au- 
thentication (AKE-1) to the mutual authentication 
(AKE-M) described above (step S110). 
[0096] When doing so, the CDS 1 first authenticates 
the PM 13. To do so, both the CDS 1 and the PM 13 

10 store the same authentication key K1 -1 (which, while not 
illustrated, is stored in the respective concealed ROM 
regions). The CDS 1 generates the random number R3 
and sends it to the PM 13. On receiving this random 
number R3, the PM 13 encrypts it using the authentica- 

15 tion key K1 -1 and sends the resulting encrypted random 
number (K1-1[R3]) to the CDS 1. The CDS 1 uses the 
authentication key K1-1 to decrypt the KM[R3], checks 
whether the decryption result is equal to the random 
number R3 it generated earlier, and if so, judges that the 

20 PM 1 3 is a proper device. 

[0097] After this, the PM 1 3 performs the same proc- 
ess for the CDS 1 to complete the mutual authentication. 
To do so, both the CDS 1 and the PM 13 have an au- 
thentication key K2-1 , with the CDS 1 encrypting a ran- 

25 dom number R4 received from the PM 1 3 using this au- 
thentication key K2-1 and the PM 13 decrypting this and 
confirming that the result is equal to the random number 
R4. These authentication keys K1-1 and K2-1 are only 
provided to electronic appliances (in this example, PD 

30 1 2 and LCM 1 6) that are allowed to use music contents, 
and so can prevent electronic appliances that corre- 
spond to other application systems from performing the 
authentication process AKE-1. 

[0098] When the CDS 1 and the PM 13 have found 

35 each other to be proper devices in the above mutual au- 
thentication AKE-1 of step S110, the media l/F unit 6 of 
the CDS 1 and the controller 130 of the PM 13 perform 
key exchange to share the same session key (KX1). As 
one example, this session key KX1 can be a value found 

40 by taking a logical XOR for the random numbers R3 and 
R4 generated during the mutual authentication and then 
inputting the result into a secret key generation algo- 
rithm provided in advance in both the CDS 1 and the PM 
13. In this way, the session key KX1 is a time-variant 

45 key whose value changes every time. 

[0099] The media l/F unit 6 of the CDS 1 reads the 
identification information ID-1 for the CDS 1 that is con- 
cealed (stored) within the concealed region 114, en- 
crypts this information ID-I using the session key KX-1 

so and sends the resulting encrypted ID-1 (=KX1 [ID-1 ]) to 
the PM 13 (step S111). 

[0100] The controller 130 of the PM 13 decrypts this 
KX1[ID-1] received from the CDS 1 using the session 
key (KX1) that it received during the preceding key ex- 
55 change and so obtains the ID-1 (step S1 1 2). 

[01 01 ] Next, the controller 1 30 of the PM 1 3 uses the 
identification information ID-1 of the CDS 1 that it has 
decrypted to refer to the revocation list RL-1 in the open 
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ROM 132. The controller 130 judges whether the CDS 
1 should be prohibited from using the PM 1 3 by checking 
whether identification information that matches the ID- 
1 is present in the revocation list RL-1 (step S113). 
[0102] If identification information that matches the 
ID-1 is present in the revocation list RL-1 , the controller 
130 invalidates (revokes) use of the PM 13 by the CDS 
1 and terminates its processing at this juncture. 
[0103] On the other hand, if identification information 
that matches the ID-1 is not present in the revocation 
list RL-1, the controller 130 judges that the CDS 1 is 
allowed to use the PM 13 (i.e., to record a content), and 
so updates RL-1 and KM-1 using the new revocation 
information RL-1N and the new unique media key KM- 
1N received in step S109 (step S114). 
[0104] The media l/F unit 6 of the CDS 1 then per- 
forms key exchange with the controller 130 of the PM 
13 to share the same session key KX2, before reading 
the identification information ID-1 from the concealed re- 
gion 114 of the CDS 1 , encrypting it using the session 
key KX2, and sending this encrypted ID-1 (=KX2[ID-1]) 
to the PM 1 3 (step S1 1 5). As one example, this session 
key KX2 can be a value found as the output given when 
the session key KX1 is inputted into a secret key gen- 
eration algorithm provided in advance in both the CDS 
1 and the PM 13. 

[0105] The controller 130 of the PM 13 decrypts the 
KX-2[ID-1] received from the CDS 1 using the session 
key (KX2) obtained in the preceding key exchange, and 
so obtains ID-1 (step S116). 

[01 06] Next, the controller 1 30 of the PM 1 3 uses the 
decrypted identification information of the CDS 1 to refer 
to the new revocation list RL-1 N in the open ROM re- 
gion, and judges whether to prevent the CDS 1 from us- 
ing the PM 13 according to whether identification infor- 
mation that matches ID-1 is present in the revocation 
list RL-1N(stepS117). 

[0107] If identification information that matches ID-M 
is present in the revocation list RL-1 N, the controller 1 30 
judges that the present CDS 1 should be prevented from 
using the PM 13 (i.e., "revoked") and so terminates its 
processing at this juncture. 

[0108] On the other hand, if identification information 
that matches the ID-1 is not present in the master rev- 
ocation list RL-1N, the controller 130 judges that the 
CDS 1 is allowed to use the PM 1 3 (i.e., to record a con- 
tent), and so reads and outputs the unique media key 
KM-1 N that is stored in a secret fash ion in the concealed 
ROM region 135 (step S118). The controller 130 then 
performs key exchange with the media l/F unit 6 of the 
CDS 1 to share the same session key KX3, before en- 
crypting the read unique media key KM-1N using this 
session key KX3 and sending the resulting encrypted 
KM-1N (=KX3[KM-1N]) to the CDS 1 (step S119). As 
one example, this session key KX3 can be a value found 
as the output given when the session key KX2 is input- 
ted into a secret key generation algorithm provided in 
advance in both the CDS 1 and the PM 13. 



[0109] The media l/F unit 6 of the CDS 1 decrypts the 
KX3[KM-1 N] received from the PM 1 3 using the session 
key KX3 obtained during the preceding key exchange, 
and so obtains the unique media key KM-1 N (step 
5 S120). 

[0110] The media l/F unit 6 of the CDS 1 next uses 
the unique media key KM-1 N to encrypt the content key 
KC that is stored in a secret fashion in the concealed 
region 114, and sends the resulting encrypted KM-1 N 
10 [KC] to the concealed RW region of the PM 13 (step 
S121). 

[0111] The media l/F unit 6 of the CDS 1 sends the 
encrypted content KC[C] stored in the open RW region 
113 to the open RW region of the PM 13 (step S122). 

is [01 1 2] In this way, the method of the present embod- 
iment allows the CDS 1 to receive the encrypted master 
media key KM-M from a PM 13 only if the CDS is not 
invalidated (revoked) according to the master revoca- 
tion list RL-M. The new revocation information RL-1 

20 stored in the open ROM region 114 and the unique me- 
dia key KM-1N are encrypted using this unique master 
media key KM-M and are sent to the PM 13. 
[0113] As a result, CDS apparatuses that should be 
invalidated according to the master revocation list RL-M 

25 (i.e., electronic appliances that attempt to update the 
revocation information of the PM 13) will definitely be 
invalidated (excluded). If a device is invalidated accord- 
ing to the revocation list RL-1 , the PM 1 3 will not update 
the new revocation information RL-1 or the unique me- 

30 dia key KM-1 N. In the same way, the encrypted unique 
media key KM-1 N will only be transferred to the CDS 1 
from the PM 13 if the CDS 1 is not invalidated according 
to the new revocation list RL-1N. The content key KC 
stored in the concealed region 11 4 of the CDS 1 is then 

35 encrypted using the unique media key KM1-N and sent 
to the PM 13. In this way, CDS apparatuses that should 
be invalidated according to the new revocation list RL- 
1N (i.e., electronic appliances that attempt to use the 
PM 13) will definitely be invalidated (excluded). 

40 [0114] The following describes the operation when 
the PD 1 2 decrypts and plays back an encrypted content 
stored in the PM 13. While this explanation focuses on 
the case when the content is decrypted and played back 
by the PD 12, exactly the same procedure is used when 

45 contents are decrypted and played back by the LCM 21 . 
[0115] FIG. 12 shows the communication between 
the PM 13 and the PD 12 and processing flow in this 
case. 

[01 1 6] When the user instructs the PD 1 2 to play back 
so a content from a PM 13 that has been loaded into the 
media l/F unit 12f of the PD 12, the CPU 12a of the PD 
1 2 and the controller 1 30 of the PM 1 3 perform a similar 
mutual authentication AKE-1 to step S110 (step S201). 
When the CDS 1 and the PM 13 have found each other 
55 to be proper devices in the mutual authentication of step 
S201 , the CPU 12a of the PD 12 and the controller 130 
of the PM 13 perform key exchange to share the same 
session key (KX4). 
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[0117] The CPU 12a of the PD 12 reads the identifi- 
cation information ID-PD of the PD 12 that is concealed 
within the concealed region 1 24, and encrypts the iden- 
tification information ID-PD using the session key KX4. 
The media l/F unit 12f then sends the encrypted ID-PD 
(=KX4 [ID-PD]) to PM 13 (step S202). 
[0118] The controller 130 of the PM 13 decrypts the 
KX4[ID-PD] that it receives from the PD1 2 using the ses- 
sion .key KX4 it received during the preceding key ex- 
change and so obtains the ID-PD (step S203). 
[0119] The controller 130 of the PM 13 searches for 
the decrypted identification information ID-PD of the PD 
12 in the revocation list RL-1N in the open ROM-W re- 
gion and judges whether the PD 12 should be prohibited 
from using the PM 1 3 according to whether identification 
information that matches the ID-PD is present (step 
S204). 

[0120] On finding identification information that 
matches the ID-PD in the revocation list RL-1 N , the con- 
troller 130 judges that the PD 12 should be invalidated 
from using the PM 13 (i.e., revoked) and terminates its 
processing at this juncture. 

[0121] On the other hand, if identification information 
that matches the ID-PD is not present in the revocation 
list RL-1N, the controller 130 judges that the PD 12 is 
allowed to use the PM 1 3, and so reads and outputs the 
unique media key KM-1N that is concealed in the con- 
cealed RW region 136 (step S205). The controller 130 
then performs a key exchange with the CPU 12a of the 
PD 1 2 (via the media l/F unit 1 2f of the PD 1 2) to share 
the same session key KX5. The controller 1 30 encrypts 
the read unique media key KM-1N using this session 
key KX5 and sends the resulting encrypted KM-1N 
(=KX5[KM-1N]) to the PD 12 (step S206). This session 
key KX5 can be found, for example, as the result given 
when the session key KX4 described earlier is inputted 
into a secret key generation algorithm provided in ad- 
vance in the PD 12 and the PM 13. 
[0122] The CPU 12a of the PD 1 2 decrypts the KX5 
(KM-1 N]. received from the PM 13 using the session key 
KX5 obtained during the preceding key exchange and 
so obtains the unique media key KM-1 N (step S207). 
[0123] Next, the CPU 12a of the PD 12 reads the en- 
crypted content key KC stored in the concealed RW re- 
gion 136 of the PM 13 and decrypts it using the unique 
media key KM-1N obtained in step S207 (step S208). 
Next, the CPU 1 2a of the PD12 reads the encrypted con- 
tent C (=KC[CJ) that is stored in the open RW region 1 33 
of the PM 1 3, decrypts the encrypted content KC[C] us- 
ing the content key KC obtained in step S208, and plays 
back the content (step S209). 

[0124] In this way, the method of the present embod- 
iment allows the PD 1 2 to receive the encrypted unique 
media key KM-1 N from a PM 1 3 only if the PD 1 2 is not 
invalidated (revoked) according to the revocation list 
RL-1N. The encrypted content key (KM-1N[KCJ) con- 
cealed in the concealed RW region of the PM 13 is then 
decrypted using the unique media key KM1-N and is 



used by the PD 12 to decrypt the encrypted content. In 
this way, PDs that should be invalidated according to 
the new revocation list RL-1 N (i.e., electronic appliances 
that attempt to use the PM 13) will definitely be invali- 
5 dated. 

[0125] While the copyright protection system 100 of 
the present invention has been explained by means of 
the embodiment given above, it should be obvious that 
the present invention is not limited to the details given 
10 above. 

[01 26] For example, while the copyrighted digital ma- 
terial that is protected by the embodiment is music, vid- 
eo data for a movie or data for a computer program, such 
as game software, may also be protected. 

is [0127] Note that while the present embodiment de- 
scribes the case where a session key (numbered KYI or 
KXI) is used to encrypt information that is or should be 
concealed in a concealed region when transferring the 
information between the CDS 1 and the PM 13 or be- 

20 tween the PD 1 2 and the PM 1 3, such encryption is not 
absolutely necessary. However, encryption using a ses- 
sion key is preferable to increase the security with which 
contents can be protected. 

[0128] In the present embodiment, the master revo- 

25 cation list RL-M and the revocation lists RL-1 and RL- 
1 N are described as being registered in the open ROM 
region 1 32 or in the open ROM-W region, although such 
revocation lists may be stored in any region that cannot 
be altered. As one example, the lists may be stored in 

30 the concealed region 134 which can only be accessed 
according to a special procedure. 
[0129] While the above embodiment describes the 
case where the encrypted content key (KM-1 N[KC]) is 
stored in the concealed RW region 136, this key may 

35 instead be stored in the open RW region 1 33. 

[0130] While the above embodiment describes the 
case where the identification information of an electronic 
appliance is transferred from the electronic appliance to 
a recording medium, such transfer is not limited to this 

40 direction. This is to say, a recording medium may trans- 
fer identification information to an electronic appliance. 
[0131] As one example, a recording medium may 
store values E (ID,K1) and values E(ID,K2) in advance 
as the revocation information. The values E(ID,K1) are 

45 obtained by encrypting a predetermined first key K1 us- 
ing the identification information ID of electronic appli- 
ances that are allowed to access contents on the record- 
ing medium. Conversely, the values E(ID,K2) are ob- 
tained by encrypting a predetermined second key K2 us- 

so jng the identification information ID of electronic appli- 
ances that are prohibited from accessing contents on 
the recording medium. 

[0132] When the recording medium is attached to an 
electronic appliance, the recording medium sends the 
55 revocation information E described above to the elec- 
tronic appliance together with a random number R. 
[0133] On receiving the revocation information E and 
random number R, the electronic appliance decrypts the 
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revocation information E using its own identification in- 
formation. When the electronic appliance has not been 
revoked, this decrypting results in the electronic appli- 
ance obtaining the first key K1 . Conversely, when the 
electronic appliance has been revoked, this decrypting 
results in the electronic appliance obtaining the second 
key K2. The electronic appliance then encrypts the ran- 
dom number R using the key K (K1 or K2) that is de- 
crypting result and sends the obtained value E(K,R) to 
the recording medium. 

[0134] The recording medium decrypts the value E(K, 
R) it receives and compares the result (the random 
number R') with the random number R it transmitted to 
the electronic appliance. When these values match, the 
recording medium allows the electronic appliance to ac- 
cess contents. The master revocation information may 
have the same content and be checked using the same 
procedure, and the direction used to transfer the identi- 
fication information of an electronic appliance may be 
reversed. 



Claims 

1 . A storage medium that is used having been loaded 
into an electronic appliance, the storage medium 
comprising: 

a content storage area for storing a digital con- 
tent; 

a revocation information storage area for stor- 
ing, as revocation information, information that 
corresponds to identification information of an 
electronic appliance that is prohibited from ac- 
cessing the digital content stored in the content 
storage area; and 

a master revocation information storage area 
storing, as master revocation information, infor- 
mation that corresponds to identification infor- 
mation of an electronic appliance that is prohib- 
ited from updating the revocation information 
stored in the revocation information storage ar- 
ea. 

2. A storage medium in accordance with Claim ^fur- 
ther comprising: 



electronic appliance into which the storage me- 
dium has been loaded has identification infor- 
mation that corresponds to the master revoca- 
tion information stored in the master revocation 
^ information storage region, and allowing the 

electronic appliance to update the revocation 
information stored in the revocation information 
storage region only if the second judgment is 
negative. 

10 

3. A storage medium in accordance with Claim 2, 

wherein the master revocation information 
storage region is provided in a ROM (read only 
memory) in which the master revocation informa- 
15 tion is stored in advance. 

4. A storage medium in accordance with Claim 2, fur- 
ther comprising: 

20 a mutual authentication means for performing 

mutual authentication with the electronic appli- 
ance into which the storage medium has been 
loaded before the revocation information up- 
dating means performs the second judgment 
25 and, if the mutual authentication succeeds, for 

generating a secret key that can be shared with 
the electronic appliance, 

wherein the revocation information updating 
30 means updates the revocation information using 
the secret key generated by the mutual authentica- 
tion means. 

5. A storage medium in accordance with Claim 2, 

35 wherein the revocation information updating 

means transmits a secret key, which the electronic 
appliance needs to update the revocation informa- 
tion, to the electronic appliance only if the second 
judgment is negative. 

40 

6. A storage medium in accordance with Claim 2, 
wherein the revocation information is sorted 

into a plurality of groups, the revocation information 
storage region includes a plurality of storage areas, 
and each group is stored in a different storage area, 
and 

as the second judgment, the revocation infor- 
mation updating means judges 

(1) whether the electronic appliance into which 
the storage medium has been loaded has iden- 
tification information that does not correspond 
to the master revocation information stored in 
the master revocation information storage re- 
gion, and 

(2) whether the electronic appliance has iden- 
tification information that does not correspond 
to the revocation information in a specified 



content protecting means for performing a first 
judgment as to whether an electronic appliance 
into which the storage medium has been load- so 
ed has identification information that corre- 
sponds to the revocation information stored in 
the revocation information storage region, and 
allowing the electronic appliance to access the 
digital content stored in the content storage re- ss 
gion oniy if the first judgment is negative; and 
revocation information updating means for per- 
forming a second judgment as to whether the 
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group of revocation information that the elec- 
tronic appliance wishes to update, 

the second judgment being negative only 
when both (1) and (2) are affirmative, and the rev- 5 
ocation information updating means allowing the 
electronic appliance to update only the revocation 
information in the specified group. 

A storage medium in accordance with Claim 2, io 

wherein the revocation information storage 
region stores, as the revocation information, infor- 
mation that has been generated by encrypting a 
predetermined secret key using identification infor- 
mation of an electronic appliance that is prohibited is 
from accessing the digital content as a key, 

the content protecting means transmits the 
revocation information stored in the revocation in- 
formation storage region to the electronic appliance 
into which the storage medium is loaded, and judg- 20 
es whether information received in reply from the 
electronic appliance exhibits a predetermined reg- 
ularity to determine whether the electronic appli- 
ance has identification information that corre- 
sponds to the revocation information stored in the 25 
revocation information storage region, 

the master revocation information storage re- 
gion stores, as the master revocation information, 
information that has been generated by encrypting 
a predetermined secret key using identification in- 30 
formation of an electronic appliance that is prohib- 
ited from updating the revocation information as a 
key, and 

the revocation information updating means 
transmits the master revocation information stored 35 
in the master revocation information storage region 
to the electronic appliance, and judges whether in- 
formation received in reply from the electronic ap- 
pliance exhibits a predetermined type of regularity 
so as to judge whether the electronic appliance has 40 
identification information that corresponds to the 
master revocation information stored in the master 
revocation information storage region. 

A method for updating revocation information on a *s 
storage medium, the storage medium being used 
having been loaded into an electronic appliance 
and including (1) a content storage area for storing 
a digital content, (2) a revocation information stor- 
age area for storing, as revocation information, in- so 
formation that corresponds to identification informa- 
tion of an electronic appliance that is prohibited from 
accessing the digital content stored in the content 
storage area, and (3) a master revocation informa- 
tion storage area storing, as master revocation in- ss 
formation, information that corresponds to identifi- 
cation information of an electronic appliance that is 
prohibited from updating the revocation information 



stored in the revocation information storage area, 
the method comprising: 

a detection step for detecting whether the stor- 
age medium has been loaded into an electronic 
appliance; 

a judgment step for performing a first judgment 
as to whether first identification information of 
the electronic appliance does not correspond 
to the master revocation information stored in 
the master revocation information storage area 
of the storage medium; and 
an updating step for updating the revocation in- 
formation stored in the revocation information 
storage area only when the first judgment is af- 
firmative. 

9. The revocation information updating method of 
Claim 8, 

wherein the updating step has information 
corresponding to second identification information 
of an electronic appliance stored in the revocation 
information storage region as new revocation infor- 
mation. 

10. A revocation information updating method in ac- 
cordance with Claim 9, further comprising: 

a mutual authentication step where mutual au- 
thentication is performed between the electron- 
ic appliance and the storage medium and, only 
if the mutual authentication succeeds, a secret 
key that is to be shared by the electronic appli- 
ance and the storage medium is generated, 

wherein the updating step updates the revo- 
cation information using the secret key generated 
during the mutual authentication step. 

11. A revocation information updating method in ac- 
cordance with Claim 10, 

wherein the updating step includes: 

a transfer substep for encrypting, when the first 
judgment is affirmative, information that corre- 
sponds to the second identification information 
of the electronic appliance using the secret key 
generated during the mutual authentication 
step, and having the encrypted information 
transferred from the electronic appliance to the 
storage medium; and 

a storage substep for decrypting the transferred 
encrypted information using the secret key and 
storing the information in the revocation infor- 
mation storage region as new revocation infor- 
mation. 

12. A revocation information updating method in ac- 
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cordance with Claim 9, 

wherein the judging step includes a judging 
substep for performing a third judgment as to 
whether the second identification information corre- 
sponds to the revocation information stored in the 5 
revocation information storage region, and 

when the first judgment is affirmative and the 
third judgment is negative, the updating step has 
the second identification information stored in the 
revocation information storage region as new revo- 10 
cation information. 

13. A revocation information updating method in ac- 
cordance with Claim 9, 

wherein the master revocation information fs 
storage region stores, as the master revocation in- 
formation, information produced by encrypting a 
special secret key using identification information of 
an electronic appliance that is prohibited from up- 
dating the revocation information as a key, and 20 

the judging step transmitting the master rev- 
ocation information stored in the master revocation 
information storage region to the electronic appli- 
ance into which the storage medium has been load- 
ed and judging whether the identification informa- 25 



tion of the electronic appliance corresponds to the 
master revocation information stored in the master 
revocation information restricted region on the stor- 
age medium by judging whether a response re- 
ceived from the electronic appliance exhibits a pre- 
determined type of regularity. 



26 

cation information storage means, permission 
from the storage medium to update the revoca- 
tion information stored on the storage medium; 
and 

updating means for updating the revocation in- 
formation stored on the storage medium in ac- 
cordance with the permission obtained by the 
permission obtaining means. 

15. A revocation information updating apparatus in ac- 
cordance with Claim 14, 

wherein the updating means updates the rev- 
ocation information using information that is stored 
beforehand and corresponds to second identifica- 
tion information. 

16. A revocation information updating apparatus in ac- 
cordance with Claim 15, further comprising: 

a mutual authentication means for performing 
mutual authentication with the storage medium 
before the permission obtaining means tries to 
obtain permission to update the revocation in- 
formation and, only when the mutual authenti- 
cation has succeeded, generating a secret key 
that can be shared with the storage medium, 

wherein the updating means updates the rev- 
ocation information using the secret key generated 
30 by the mutual authentication means. 

17. A revocation information updating apparatus in ac- 
cordance with Claim 16, further comprising: 

wherein the updating means updates the rev- 
ocation information by encrypting new revocation 
information corresponding to the second identifica- 
tion information using the secret key generated by 
the mutual authentication means and has the en- 
crypted information transferred from the electronic 
appliance to the storage medium. 

1 8. A revocation information updating apparatus in ac- 
cordance with Claim 15, 

wherein the revocation information is sorted 
into a plurality of groups and the revocation infor- 
mation storage region includes a plurality of storage 
regions that each store a different group, 

the updating means only updating the revo- 
cation information in a group that corresponds to the 
second identification information. 

19. A revocation information updating apparatus in ac- 
cordance with Claim 15, 

wherein the master revocation information 
storage region stores, as the master revocation in- 
formation, information produced by encrypting a 
predetermined secret key using identification infor- 
mation of an electronic appliance that is prohibited 



1 4. A revocation information updating apparatus for up- 
dating revocation information on a storage medium, 
the storage medium being used having been loaded 35 
into an electronic appliance and including (1 ) a con- 
tent storage area for storing a digital content, (2) a 
revocation information storage area for storing, as 
revocation information, information that corre- 
sponds to identification information of an electronic 40 
appliance that is prohibited from accessing the dig- 
ital content stored in the content storage area, and 
(3) a master revocation information storage area 
storing, as master revocation information, informa- 
tion that corresponds to identification information of 45 
an electronic appliance that is prohibited from up- 
dating the revocation information stored in the rev- 
ocation information storage area, 
the apparatus comprising: 

so 

a first identification information storage means 
for storing first identification information that 
does not correspond to the master revocation 
information stored in the master revocation in- 
formation storage area of the storage medium; ss 
a permission obtaining means for obtaining, us- 
ing information corresponding to the first iden- 
tification information stored in the first identifi- 
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from updating the revocation information as a se- 
cret key, and 

the permission obtaining means obtaining the 
permission by receiving the master revocation in- 
formation sentfrom the storage medium, decrypting 
the master revocation information using the first 
identification information of the electronic appli- 
ance, and sending a decrypted result and informa- 
tion that exhibits a predetermined type of regularity 
to the storage medium. 



PatentansprOche 

1. Speichermedium, das eingelegt in eine elektroni- 
sche Vorrichtung verwendet wird, wobei das Spei- 
chermedium umfasst. 

ein Inhaltsspeichergebiet zum Speichem eines di- 
gitalen Inhalts; 

ein Widerrufungsinformations-Speichergebiet zum 
Speichem einer Information als Widerrufungsinfor- 
mation, die der Identifizierungsinformation einer 
elektronischen Vorrichtung entspricht, die am Zu- 
griff des digitalen Inhalts, der in dem Inhaltsspei- 
chergebiet gespeichert ist, gehindert wird; und 
ein Masteiwiderrufungsinformations-Speicherge- 
biet, das als eine Masterwiderrufungsinformation 
eine Information speichert, die einer tdentifizie- 
rungsinformation einer elektronischen Vorrichtung 
entspricht, die am Aktualisieren der Widerrufungs- 
information, die in dem Widerrufungsinformations- 
Speichergebiet gespeichert ist, gehindert wird. 

2. Speichermedium nach Anspruch 1 , das auBerdem 
umfasst: 

eine Inhaltsschutzeinrichtung zum Ausfiihren 
einer ersten Bewertung, ob eine elektronische 
Vorrichtung, in welche das Speichermedium 
eingelegt wurde, die Identifizierungsinformati- 
on aufweist, die der Widerrufungsinformation 
entspricht, die in dem Widerrufungsinformati- 
ons-Speicherbereich gespeichert wurde, und 
der elektronischen Vorrichtung den Zugriff zu 
dem digitalen Inhalt nur ermoglicht, der in dem 
Inhaltsspeicherbereich gespeichert ist, wenn 
die erste Bewertung negativ ist; und 

eine Widerrufungsinformations-Aktualisie- 
rungseinrichtung zum Ausfuhren einer zweiten 
Bewertung, ob die elektronische Vorrichtung, in 
welche das Speichermedium eingelegt wurde, 
die Identifizierungsinformation aufweist, die 
der Masterwiderrufungsinformation entspricht, 
die in dem Masterwiderrufungsinformations- 
Speicherbereich gespeichert ist und der elek- 
tronischen Vorrichtung ermoglicht, die Widerru- 
fungsinformation nur zu aktualisieren, die in 
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dem Widerrufungsinformations-Speicherbe- 
reich gespeichert ist, wenn die zweite Bewer- 
tung negativ ist. 

Speichermedium nach Anspruch 2, wobei der Ma- 
sterwiderrufungsinformations-Speicherbereich in 
einem ROM (Festwertspeicher) vorgesehen ist, in 
welchem die Masterwiderrufungsinformation im 
voraus gespeichert wurde. 

Speichermedium nach Anspruch 2, das auBerdem 
umfasst: 

eine Authentisierungsaustauscheinrichtung 
zum Ausfuhren einer wechselseitigen Authen- 
tisierung mit der elektronischen Vorrichtung, in 
welche das Speichermedium eingelegt wurde, 
bevor die Widerrufungsinformations-Aktuali- 
sierungseinrichtung die zweite Bewertung aus- 
fuhrt und wenn die wechselseitige Authentisie- 
rung erfolgreich verlauft zum Erzeugen eines 
Geheimschlussels, der gemeinsam mit der 
elektronischen Vorrichtung benutzt werden 
kann, 

wobei die Widerrufungsinformations-Aktualisie- 
rungseinrichtung die Widerrufungsinformation un- 
ter Verwendung des Geheimschlussels aktualisiert, 
der durch die Authentisierungsaustauscheinrich- 
tung erzeugt wurde. 

Speichermedium nach Anspruch 2, wobei die Wi- 
derrufungsinformations-Aktualisierungseinrich- 
tung einen Geheimschliissel, welchen die elektro- 
nische Vorrichtung zum Aktualisieren der Widerru- 
fungsinformation benotigt, an die elektronische Vor- 
richtung nur dann ubertragt, wenn die zweite Be- 
wertung negativ ist. 

Speichermedium nach Anspruch 2, 
wobei die Widerrufungsinformation in eine Vielzahl 
von Gruppen sortiert ist, wobei der Widerrufungsin- 
formations-Speicherbereich eine Vielzahl von Spei- 
chergebieten einschlieBt und jedeGruppe in einem 
anderen Speichergebiet gespeichert ist, und 
als die zweite Bewertung die Widerrufungsinforma- 
tions-Aktualisierungseinrichtung bewertet 

(1) ob die elektronische Vorrichtung, in welche 
das Speichermedium eingelegt wurde, eine 
Identifizierungsinformation aufweist, die nicht 
der Masterwiderrufungsinformation entspricht, 
die in dem Materwiderrufungsinformations- 
Speicherbereich gespeichert ist, und 

(2) ob die elektronische Vorrichtung eine Iden- 
tifizierungsinformation aufweist, die nicht der 
Widerrufungsinformation in einer besonderen 
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Gruppe von Widerrufungsinformationen ent- 
spricht, die die elektronische Vorrichtung zu ak- 
tualisieren wunscht, 

wobei die zweite Bewertung nur dann negativ ist. 
wenn sowohl (1) und (2) positiv sind, und wobei die 
Widerrufungsinformations-Aktualisierungseinrich- 
tung der elektronischen Vorrichtung nur die Aktua- 
lisierung der Widerrufungsinformation in der be- 
stimmten Gruppe ermoglicht. 

Speichermedium nach Anspruch 2, 
wobei der Widerrufungsinformations-Speicherbe- 
reich als die Widerrufungsinformation eine Informa- 
tion speichert, die durch Verschlusseln eines vor- 
bestimmten Geheimschlussels unter Verwendung 
einer Identifizierungsinformation einer elektroni- 
schen Vorrichtung erzeugt wurde, die am Zugriff 
des digitalen Inhalts als ein Schlussel gehindert 
wird, 

wobei die tnhaltsschutzeinrichtung die Widerru- 
fungsinformation, die in dem Widerrufungsinforma- 
tions-Speicherbereich gespeichert ist, an die elek- 
tronische Vorrichtung ubertragt, in welcher das 
Speichermedium eingeiegt ist und bewertet, ob die 
Information, die in Antwort von der elektronischen 
Vorrichtung empfangen wurde, eine vorbestimmte 
Ordnung zeigt, urn zu bestimmen, ob die elektroni- 
sche Vorrichtung die Identifizierungsinformation 
aufweist, die der Widerrufungsintormation ent- 
spricht, die in dem Widerrunfungsinformations- 
Speicherbereich gespeichert ist, 
wobei der M asterwiderrufungs inform ations-Spei- 
cherbereich als die Masterwiderrufungsinformation 
eine Information speichert, die durch Verschlusseln 
eines vorbestimmten Geheimschlussels erzeugt 
wurde unter Verwendung einer Identifizierungsin- 
formation einer elektronischen Vorrichtung, die am 
Aktualisieren der Widerrufungsinformation als ei- 
nen Schlussel gehindert wird, und 
wobei die Widerrufungsinformations-Aktualisie- 
rungseinrichtung die Masterwiderrufungsinformati- 
on, die in dem M asterwiderrufungs inform ations- 
Speicherbereich gespeichert ist, an die elektroni- 
sche Vorrichtung ubertragt und bewertet, ob die In- 
formation, die in Antwort von der elektronischen 
Vorrichtung empfangen wird, eine vorbestimmte Art 
der Ordnung zeigt, urn zu bewerten, ob die elektro- 
nische Vorrichtung eine Identifizierungsinformation 
aufweist, die der Masterwiderrufungsinformation 
entspricht, die in dem Masterwiderrufungsinforma- 
tions-Speicherbereich gespeichert ist. 

Verfahren zum Aktualisieren einer Widerrufungsin- 
formation auf einem Speichermedium, wobei das 
Speichermedium eingeiegt in eine elektronische 
Vorrichtung verwendet wird und einschlieBt (1) ein 
Inhaltsspeichergebiet zum Speichem eines digita- 



len Inhalts, (2) ein Widerrufungsinformations-Spei- 
chergebiet zum Speichem als Widerrufungsinfor- 
mation eine Information, die der Identifizierungsin- 
formation einer elektrischen Vorrichtung entspricht, 

5 die am Zugriff des digitalen Inhaltes gehindert wird, 
die in dem Inhaltsspeichergebiet gespeichert ist, 
und (3) ein Masterwiderrufungsinformations-Spei- 
chergebiet, das als Masterwiderrufungsinformation 
eine information speichert, die der Identifizierungs- 

10 information einer elektronischen Vorrichtung ent- 
spricht, die am Aktualisieren der Widerrufungsinfor- 
mation, die in dem Widerrufungsinformations-Spei- 
chergebiet gespeichert ist, gehindert wird, 
wobei das Verfahren umfasst: 

15 

ein Ermittlungsschritt zum Ermitteln, ob das 
Speichermedium in eine elektronische Vorrich- 
tung eingeiegt wurde; 

20 ein Bewertungsschritt zum Ausfuhren einer er- 

sten Bewertung, ob die erste Identifizierungs- 
information der elektronischen Vorrichtung 
nicht der Masterwiderrufungsinformation ent- 
spricht, die in dem Masterwiderrufungsinforma- 

25 tions-Speichergebiet des Speichermediums 

gespeichert ist; und 

ein Aktualisierungsschritt zum Aktualisieren 
der Widerrufungsinformation, die in dem Wder- 
30 rufungsinformations-Speichergebiet gespei- 

chert ist, nur dann, wenn die erste Bewertung 
positiv ist. 

9. Widerrufungsinformations-Aktualisierungsverfah- 
35 ren nach Anspruch 8, wobei der Aktualisierungs- 
schritt eine Information aufweist, die der zweiten 
Identifizierungsinformation einer elektronischen 
Vorrichtung entspricht, die in dem Widerrufungsin- 
formations-Speicherbereich als eine neue Widerru- 

40 fungsinformation gespeichert ist. 

1 0. Widerruf ungsinformations-Aktualisierungsverfah- 
ren nach Anspruch 9, das auBerdem umfasst: 

45 einen Authentisierungsaustauschschritt, wobei 

eine wechselseitige Authentisierung zwischen 
der elektronischen Vorrichtung und dem Spei- 
chermedium ausgefuhrt wird, und nur dann, 
wenn die wechselseitige Authentisierung er- 

50 foigreich verlauft, wird ein Geheimschlussel er- 

zeugt, der gemelnsam durch die elektronische 
Vorrichtung und das Speichermedium benutzt 
wird, 

55 wobei der Aktualisierungsschritt die Widerrufungs- 
information unter Verwendung des Geheimschlus- 
sels aktualisiert, der wahrend des Authentisie- 
rungsaustauschschritts erzeugt wurde. 
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11. Wideraifungsinformations-Aktualisierungsvertah- 
ren nach Anspruch 10, 

wobei der Aktualisierungsschritt einschlieBt: 

einen Obertragungs-Teilschritt zum Verschlus- 5 
seln, wenn die erste Bewertung positiv ist, einer 
Information, die der zweiten Identifizierungsin- 
formation der elektronischen Vorrichtung ent- 
spricht unter Verwendung des Geheimschlus- 
sels, der wahrend des Authentisierungsaus- 10 
tauschschritts erzeugt wurde, und der das 
Ubertragen der verschlussetten Information 
von der elektronischen Vorrichtung zu dem 
Speichermedium aufweist; und 

15 

einen Speicher-Teilschritt zum Entschlusseln 
der ubertragenen verschlussetten Information 
unter Verwendung des Geheimschlussels und 
Speichem der Information in dem Widerru- 
fungsinformations-Speicherbereich als neue 20 
Widerrufungsinformation. 

12. Widerrufungsinformations-Aktualisiemngsverfah- 
ren nach Anspruch 9, wobei der Bewertungsschritt 
einen Bewertungs-Teilschritt zum Ausfuhren einer 25 
dritten Bewertung ausfuhrt, ob die zweite Identifi- 
zierungsinformation der Widerrufungsinformation 
entspricht, die in dem Widerrufungsinformations- 
Speicherbereich gespeichert wurde, und 

wenn die erste Bewertung positiv ist und die dritte 30 
Bewertung negativ ist, wird durch den Aktualisie- 
rungsschritt die zweite Identifizierungsinformation 
in dem Widerrufungsinformations-Speicherbereich 
als neue Widerrufungsinformation gespeichert. 

35 

13. Wderrufungsinformations-Aktualisierungsverfah- 
ren nach Anspruch 9, 

wobei der Masterwiderrufungs inform ations-Spei- 
cherbereich als die Masterwiderrufungsinformation 
eine Information speichert, die durch Verschlusseln *o 
eines speziellen Geheimschlussels erzeugt wurde 
unter Verwendung einer Identifizierungsinformation 
einer elektronischen Vorrichtung, die am Aktuaiisie- 
ren der Widerrufungsinformation als ein Schlussel 
gehindert wird, 45 
wobei der Bewertungsschritt die Masterwiderru- 
fungsinformation, die in dem Masterwiderrufungs- 
informations-Speicherbereich gespeichert ist, an 
die elektronische Vorrichtung ubertragt, in welcher 
das Speichermedium eingelegt ist, und bewertet, 50 
ob die Identifizierungsinformation der elektroni- 
schen Vorrichtung der Masterwiderrufungsinforma- 
tion entspricht, die in dem beschrankten Masterwi- 
derrufungsinformationsbereich auf dem Speicher- 
bereich gespeichert ist durch Bewerten, ob eine 55 
Antwort, die von der elektronischen Vorrichtung 
empfangen wurde, eine vorbestimmte Art der Ord- 
nung zeigt. 
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1 4. Widerrutungsinformations-Aktualisierungsvorrich- 
tung zum Aktualisieren einer Widerrufungsinforma- 
tion auf einem Speichermedium, wobei das Spei- 
chermedium eingelegt in eine elektronische Vorrich- 
tung verwendet wird und einschlieBt (1) ein Inhalts- 
speichergebiet zum Speichem eines digitalen ln- 
halts, (2) ein Widerrufungsinformations-Speicher- 
gebiet zum Speichem als Widerrufungsinformation 
eine information, die einer Identifizierungsinformati- 
on einer elektronischen Vorrichtung entspricht, die 
am Zugriff zu dem digitalen Inhalt gehindert wird, die 
in dem Inhaltsspeichergebiet gespeichert ist, und (3) 
ein Masterwiderrufungsinfonmations-Speicherge- 
biet, das als Masterwiderrufungsinformation eine In- 
formation speichert, die einer Identifizierungsinfor- 
mation einer elektronischen Vorrichtung entspricht, 
die am Aktualisieren der Widerrufungsinfonnation, 
die in dem Widerrufungsinfomations-Speicherge- 
biet gespeichert ist, gehindert wird, 

wobei die Vorrichtung umfasst: 

eine erste Identifizierungsinformations-Spei- 
chereinrichtung zum Speichem einer ersten 
Identifizierungsinformation, die nicht der Ma- 
stewideiTufungsinformation entspricht, die in 
dem Masterwiderrufungsinfonnations-Spei- 
chergebiet des Speichermediums gespeichert 
ist; 

eine Zulassungserhaltungseinrichtung zum Er- 
halten unter Verwendung einer Information, die 
der ersten Identifizierungsinformation ent- 
spricht, die in der ersten Identifizierungsinfor- 
mations-Speichereinrichtung gespeichert ist, 
einer Zulassung von dem Speichermedium, urn 
die Widerrufungsinfomiation, die auf dem Spei- 
chermedium gespeichert ist, zu aktualisieren; 
und 

eine Aktualisierungseinrichtung zum Aktuali- 
sieren der Widerrufungsinformation, die auf 
dem Speichermedium gespeichert ist in Uber- 
einstimmung mit der Zulassung, die durch die 
Zulassungserhaltungseinrichtung erhalten 
wird. 

15. Widerrufungsinformations-Aktualisierungsvorrich- 
tung nach Anspruch 14, 

wobei die Aktualisierungseinrichtung die Widerru- 
fungsinformation unter Verwendung einer Informa- 
tion aktualisiert, die zuvor gespeichert wurde und 
der zweiten Identifizierungsinformation entspricht. 

1 6. Widerruf u ngs informations- Aktua I isierungsvo rrich- 
tung nach Anspruch 15, die auBerdem umfasst: 

eine Authentisierung zum Ausfuhren einer 
wechselseitigen Authentisierungsaustausch- 
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einrichtung mit dem Speichermedium, bevor 
die Zulassungsemaltungseinrichtung versucht, 
die Zulassung zu erhalten, um die Widerru- 
fungsinformation zu aktualisieren, und nur 
dann, wenn die wechselseitige Authentisierung s 
erfolgreich verlaufen ist, Erzeugen eines Ge- 
heimschlussels, der gemeinsam mit dem Spei- 
chermedium benutzt werden kann, 

wobei die Aktualisierungseinrichtung die Wi- 10 
derrufungsinformation unter Verwendung des Ge- 
heimschliissels, der durch die Authentisierungs- 
austauscheinrichtung erzeugt wurde, aktualisiert. 

17. Widerrufungsinformations-Aktualisierungsvorrich- 15 
tung nach Anspruch 16, wobei die Aktualisierungs- 
einrichtung die Widerrufungsinformation durch Ver- 
schlusseln einer neuen Widerrufungsinformation 
aktualisiert, die der zweiten Identifizierungsinfor- 
mation entspricht unter Verwendung des Geheim- 20 
schliissels, der durch die Authentisierungsaustau- 

sch einrichtung erzeugt wurde und Ubertragen der 
verschlusselten Information von der elektronischen 
Vorrichtung zu dem Speichermedium. 

25 

18. Widerrufungsinformations-Aktualisierungsvorrich- 
tung nach Anspruch 15, 

wobei die Aktualisierungsinformation in eine Viel- 
zahl von Gruppen sortiert ist und der Widerrufungs- 
iriformations-Speicherbereich eine Vielzahl von 30 
Speicherbereichen einschlieBt, von denen jeder ei- 
ne andere Gruppe speichert, 
wobei die Aktualisierungseinrichtung die Widerru- 
fungsinformation in einer Gruppe nur aktualisiert, 
die der zweiten Identifizierungsinformation ent- 35 
spricht. 

19. Widerrufungsinformations-Aktualisierungsvorrich- 
tung nach Anspruch 15, 

wobei der Masterwiderrufungsinformations-Spei- 40 
cherbereich ais die Masterwiderrufungsinformation 
eine information speichert, die durch Verschliisseln 
eines vorbestimmten Geheimschlussels erzeugt 
wurde unter Verwendung einer Identifizierungsin- 
formation einer elektronischen Vorrichtung, die am 45 
Aktualisieren der Widerrufungsinformation als ein 
Geheimschlussel gehindert wird, und 
wobei die Zulassungserhaltungseinrichtung die Zu- 
lassung durch Empfangen der Masterwiderrufungs- 
information erhalt, die von dem Speichermedium so 
gesendet wurde, durch Entsch I Ossein der Master- 
widerrufungsinformation unter Verwendung der er- 
sten Identifizierungsinformation der elektronischen 
Vorrichtung und durch Senden eines entschlussel- 
ten Ergebnisses und einer Information, die eine vor- 55 
bestimmte Art einer Ordnung zeigt, an das Spei- 
chermedium. 
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Revendications 

1 . Support de stockage qui est utilise tandis qu'il a ete 
charge dans un appareil electronique, le support de 
stockage comprenant : 

une zone de stockage de contenu pour stocker 
un contenu numerique ; 
une zone de stockage d'information de revoca- 
tion pour stocker, en tant qu'information de re- 
vocation, une information qui correspond a une 
information d'identification d'un appareil elec- 
troniquequi est empeche d'acceder au contenu 
numerique qui est stocke dans la zone de stoc- 
kage de contenu ; et 

une zone de stockage d'information de revoca- 
tion maTtre qui stocke, en tant qu'information de 
revocation maTtre, une information qui corres- 
pond a une information d'identification d'un ap- 
pareil electronique qui est empeche de mettre 
a jour Pinformation de revocation qui est stoc- 
kee dans la zone de stockage d'information de 
revocation. 

2. Support de stockage selon la revendication 1 , com- 
prenant en outre : 

un moyen de protection de contenu pour reali- 
ser une premiere appreciation de maniere a de- 
terminer si oui ou non un appareil electronique 
dans lequel le support de stockage a ete charge 
presente une information d'identification qui 
correspond a Pinformation de revocation qui est 
stockee dans la region de stockage d'informa- 
tion de revocation et pour permettre a Pappareil 
electronique d'acceder au contenu numerique 
qui est stocks dans la region de stockage de 
contenu seulementsi la premiere appreciation 
est negative ; et 

un moyen de mise a jour d'information de revo- 
cation pour r6aliser une seconde appreciation 
de maniere a determiner si oui ou non I'appareil 
electronique dans lequel le support de stocka- 
ge a 6t6 charge pr6sente une information 
d'identification qui correspond a Pinformation 
de revocation maTtre qui est stockee dans la re- 
gion de stockage d'information de revocation 
maTtre et pour permettre a I'appareil Electroni- 
que de mettre a jour Pinformation de revocation 
qui est stocked dans la region de stockage d'in- 
formation de revocation seulement si la secon- 
de appreciation est negative. 

3. Support de stockage selon la revendication 2, dans 
lequel fa region de stockage d'information de revo- 
cation maTtre est pr6vue dans une memo ire morte 
ou ROM dans laquelle Pinformation de revocation 
maTtre est stockee a Pavance. 
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Support de stockage selon la revendication 2, com- 
prenant en outre : 

un moyen d'authentification mutuelle pour rea- 
liser une authentication mutuelle en relation 5 
avec I'appareil electronique dans lequel le sup- 
port de stockage a ete charge avant que le 
moyen de mise a jour d'information de revoca- 
tion ne realise la seconde appreciation et si 
I'authentification mutuelle est couronnee de 10 
succes, pour generer une cle secrete qui peut 
etre partagee avec I'appareil electronique, 

dans lequel le moyen de mise a jour d'infor- 
mation de revocation met a jour I'information de re- is 
vocation en utilisant la cle secrete qui est g6neree 
par le moyen d'authentification mutuelle. 

Support de stockage selon la revendication 2, dans 
lequel le moyen de mise a jour d'information de re- 20 
vocation transmet une cle secrete dont I'appareil 
electronique a besoin pour mettre a jour I'informa- 
tion de revocation a I'appareil electronique seule- 
ment si la seconde appreciation est negative. 

25 

Support de stockage selon la revendication 2, dans 
lequel : 

I'information de revocation est triee selon une 
pluralite de groupes, la region de stockage d'in- 30 
formation de revocation inclut une pluralite de 
zones de stockage et chaque groupe est stocke 
dans une zone de stockage differente ; et 
en tant que seconde appreciation, le moyen de 
mise a jour d'information de revocation appre- 35 
cie 

(1) si oui ou non I'appareil electronique 
dans lequei le support de stockage a ete 
charge dispose d'une information d'identi- 40 
fication qui ne correspond pas a I'informa- 
tion de revocation maTtre qui est stockee 
dans la region de stockage d'information 

de revocation maitre ; et 

(2) si oui ou non I'appareil electronique dis- 4 $ 
pose d'une information ^identification qui 

ne correspond pas a 1'information de revo- 
cation dans un groupe specifie d'informa- 
tion de revocation que I'appareil electroni- 
que souhaite mettre a jour, so 

ia seconde appreciation etant negative seule- 
ment lorsque a la fois (1) et (2) sont affirmatifs, et 
!e moyen de mise a jour d'information de revocation 
permettant a I'appareil electronique de mettre a jour 55 
seulement reformation de revocation dans le grou- 
pe specifie. 



7. Support de stockage selon la revendication 2, dans 
lequel : 

la region de stockage d'information de revoca- 
tion stocke, en tant qu'information de revoca- 
tion, une information qui a ete generee en cryp- 
tant une cle secrete predeterminee en utilisant 
une information ^identification d'un appareil 
electronique qui est empeche d'acceder au 
contenu numerique en tant que cle ; 
le moyen de protection de contenu transmet 
l'information de revocation qui est stockee dans 
la region de stockage d'information de revoca- 
tion a I'appareil electroniq ue dans lequel le sup- 
port de stockage est charge et apprecie si oui 
ou non une information qui est recue en repon- 
se depuis I'appareil electronique presente une 
regularity predeterminee pour determiner si oui 
ou non I'appareil electronique dispose d'une in- 
formation ^identification qui correspond a Tin- 
formation de revocation qui est stockee dans la 
region de stockage d'information de 
revocation ; 

la region de stockage d'information de revoca- 
tion maTtre stocke, en tant qu'information de re- 
vocation maTtre, une information qui a 6t6 ge- 
neree en cryptant une c!6 secrete predetermi- 
nee en utilisant une information ^identification 
d'un appareil electronique qui est empeche de 
mettre a jour Tinformation de revocation en tant 
que cle ; et 

le moyen d'appreciation d'information de revo- 
cation transmet I'information de revocation 
maitre qui est stockee dans la region de stoc- 
kage d'information de revocation maTtre a I'ap- 
pareil electronique et apprecie si oui ou non une 
information qui est recue en reponse depuis 
I'appareil electronique presente un type prede- 
termine de regularity de maniere a apprecier si 
oui ou non I'appareil electronique dispose d'une 
information ^identification qui correspond a 
I'information de revocation maTtre qui est stoc- 
kee dans la region de stockage d'information 
de revocation maTtre. 

8. Precede de mise a jour d'une information de revo- 
cation sur un support de stockage, le support de 
stockage etant utilise tandis qu'il a ete charge dans 
un appareil electronique et incluant (1 ) une zone de 
stockage de contenu pour stocker un contenu nu- 
merique, (2) une zone de stockage d'information de 
revocation pour stocker, en tant qu'information de 
Evocation, une information qui correspond a une 
information ^identification d'un appareil electroni- 
que qui est empech6 d'acceder au contenu nume- 
rique qui est stocke dans la zone de stockage de 
contenu et (3) une zone de stockage d'information 
de revocation maTtre qui stocke, en tant qu'informa- 
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10. 
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tion de Evocation maTtre, une information qui cor- 
respond a une information d'identification d'un ap- 
pareil electron ique qui est empeche de mettre a jour 
information de revocation qui est stockee dans la 
zone de stockage d'information de revocation, 5 
le procede comprenant : 

une etape de detection pour detecter si oui ou 
non le support de stockage a ete charge dans 
un appareil electronique ; 10 
une etape depreciation pour realiser une pre- 
miere appreciation de maniere a determiner si 
oui ou non une premiere information d'identifi- 
cation de I'appareil electronique ne correspond 
pas a information de revocation maTtre qui est 15 
stockee dans la zone de stockage d'information 
de revocation maTtre du support de stockage ; 
et 

une etape de mise a jour pour mettre a jour Pin- 
formation de revocation qui est stockee dans la 20 
zone de stockage d'information de revocation 
seulement lorsque la premiere appreciation est 
affirmative. 

Proced6 de mise a jour d'information de revocation 25 
selon la revendication 8, dans iequel I'etape de mise 
a jour dispose d'une information qui correspond a 
une seconde information d'identification d'un appa- 
reil electronique qui est stockee dans la zone de 
stockage d'information de revocation en tant que 30 
nouvelle information de revocation. 

Procede de mise a jour d'information de revocation 
selon la revendication 9, comprenant en outre : 

35 

une etape d'authentification mutuelie selon la- 
quelle une authentification mutuelie est reali- 
see entre I'appareil electronique et le support 
de stockage et seulement si I'authentification 
mutuelie est couronnee de succes, une cle se- *o 
crete qui doit etre partagee par I'appareil elec- 
tronique et par le support de stockage est ge- 
neree, 

dans Iequel I'etape de mise a jour met a jour *s 
Pinformation de revocation en utilisant la cle secrete 
qui est generee pendant I'etape d'authentification 
mutuelie. 

Procede de mise a jour d'information de revocation so 
selon la revendication 1 0, dans Iequel I'etape de mi- 
se a jour inclut : 



pendant l'6tape d'authentification mutuelie, et 
pourfaire en sorte que Pinformation cryptee soit 
transferee depuis I'appareil electronique sur le 
support de stockage ; et 
une sous-etape de stockage pour decrypter 
Pinformation cryptee transferee en utilisant la 
cle secrete et pour stocker Pinformation dans la 
region de stockage d'information de revocation 
en tant que nouvelle information de revocation. 

12. Procede de mise a jour d'information de revocation 
selon la revendication 9, dans Iequel : 

I'etape ^appreciation inclut une sous-etape 
depreciation pour realiser une troisieme ap- 
preciation consistant a determiner si oui ou non 
ia seconde information d'identification corres- 
pond a information de revocation qui est stoc- 
kee dans la region de stockage d'information 
de revocation ; et 

lorsque la premiere appreciation est affirmative 
et que la troisieme appreciation est negative, 
I'etape de mise a jour a pour effet que la secon- 
de information d'identification est stockee dans 
la region de stockage d'information de revoca- 
tion en tant que nouvelle information de revo- 
cation. 

13. Procede de mise a jour d'information de revocation 
selon la revendication 9, dans iequel : 

la region de stockage d'information de revoca- 
tion maTtre stocke, en tant qu' information de re- 
vocation maTtre, une information qui est produi- 
te en cryptant une cle secrete speciale en utili- 
sant une information d'identification d'un appa- 
reil electronique qui est empeche de mettre a 
jour Pinformation de revocation en tant que cle ; 
et 

I'etape depreciation transmet information de 
revocation maTtre qui est stockee dans la re- 
gion de stockage d'information de revocation 
maitre a I'appareil electronique dans Iequel le 
support de stockage a ete charge et apprecie 
si oui ou non Pinformation d'identification de 
I'appareil electronique correspond a informa- 
tion de revocation maTtre qui est stockee dans 
la region de stockage d'information de revoca- 
tion maTtre sur le support de stockage en ap- 
preciant si oui ou non une reponse qui est recue 
depuis I'appareil electronique presente un type 
de regularity predetermine. 



une sous-6tape de transfer! pour crypter, lors- 14. 
que la premiere appreciation est affirmative, 55 
une information qui correspond a la seconde in- 
formation d'identification de I'appareil electro- 
nique en utilisant la cle secrete qui est generee 



Appareil de mise a jour d'information de revocation 
pour mettre a jour une information de revocation sur 
un support de stockage, le support de stockage 
etant utilise tandis qu'il est charge dans un appareil 
electronique et incluant (1) une zone de stockage 
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de contenu pour stacker un contenu numerique, (2) 
une zone de stockage d'information de revocation 
pour stacker, en tant qu'information de revocation, 
une information qui correspond a une information 
^identification d'un appareil eiectronique qui est s 
empeche d'acceder au contenu numerique qui est 
stocke dans la zone de stockage de contenu et (3) 
une zone de stockage d'information de revocation 
maitre qui stocke, en tant qu'information de revoca- 
tion maitre, une information qui correspond a une 10 
information d'identification d'un appareil electronic 
que qui est empeche de mettre a jour ('information 
de revocation qui est stockee dans la zone de stoc- 
kage d'information de revocation, 

I'appareil comprenant : 15 

un premier moyen de stockage d'information 
d'identification pour stacker une premiere infor- 
mation d'identification qui ne correspond pas a 
I'information de revocation mattre qui est stoc- 20 
kee dans la zone de stockage d'information de 
revocation maitre du support de stockage ; 
un moyen d'obtention d'autorisation pour obte- 
nir, en utilisant une information qui correspond 
a la premiere information ^identification qui est 25 
stock6e dans le premier moyen de stockage 
d'information d' identification, I'autorisation en 
provenance du support de stockage de mettre 
a jour I'information de revocation qui est stoc- 
kee sur le support de stockage ; et 30 
un moyen de mise a jour pour mettre a jour Tin- 
formation de revocation qui est stockee sur le 
support de stockage conform6ment a I'autori- 
sation qui est obtenue a Taide du moyen d'ob- 
tention d'autorisation. 35 

15. Appareil de mise a jour d'information de revocation 
selon la revendication 14, dans lequel le moyen de 
mise a jour met a jour I'information de revocation en 
utilisant une information qui est stockee au preala- 40 
ble et qui correspond a la seconde information 
d'identification. 

16. Appareil de mise a jour d'information de revocation 
selon la revendication 15, comprenant en outre : *s 

un moyen d'authentification mutuelle pour rea- 
liser une authentification mutuelle en relation 
avec le support de stockage avant que le 
moyen d'obtention d'autorisation ne tente d'ob- so 
tenir I'autorisation de mettre a jour I'information 
de revocation et seulement lorsque I'authentifi- 
cation mutuelle est couronnee de succes, pour 
gen6rer une cie secrete qui peut etre partagee 
avec le support de stockage, 55 

dans lequel le moyen de mise a jour met a 
jour i'information de revocation en utilisant lacie se- 
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crete qui est gen6ree par le moyen d'authentifica- 
tion mutuelle. 

17. Appareil de mise a jour d'information de revocation 
selon la revendication 1 6, comprenant en outre : 

le fait que le moyen de mise a jour met a jour 
Tinformation de revocation en cryptant une 
nouvelle information de revocation correspon- 
dent a la seconde information d'identification 
en utilisant la cie secrete qui est generee par le 
moyen d'authentification mutuelle et dispose 
de I'information cryptee qui est transferee de- 
puis I'appareil etectronique sur le support de 
stockage. 

18. Appareil de mise a jour d'information de revocation 
selon la revendication 15, dans lequel : 

I'information de revocation est triee selon une 
pturalite de groupes et la region de stockage 
d'information de revocation inclut une pluralite 
de regions de stockage qui stockent chacune 
un groupe different, 

le moyen de mise a jour mettant a jour seule- 
ment I'information de revocation dans un grou- 
pe qui correspond a la seconde information 
d'identification. 

19. Appareil de mise a jour d'information de revocation 
selon la revendication 15, dans lequel : 

la region de stockage d'information de revoca- 
tion maitre stocke, en tant qu'information de re- 
vocation maitre, une information qui est produi- 
te en cryptant une cie secrete predeterminee 
en utilisant une information d'identification d'un 
appareil etectronique qui est empeche de met- 
tre a jour I'information de revocation en tant que 
cie secrete ; et 

le moyen d'obtention d'autorisation obtient 
I'autorisation en recevant I'information de revo- 
cation maitre qui est envoyee depuis le support 
de stockage, en decryptant I'information de re- 
vocation maitre en utilisant la premiere infor- 
mation d'identification de I'appareil eiectroni- 
que et en envoyant un resultat decrypte d'infor- 
mation qui pr6sente un type predetermine de 
regularite au support de stockage. 
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